Shintaro Ueda

A secure logging scheme for Forensic Computing

In this paper, we propose a secure logging scheme for Forensic Computing. Forensic Computing is the process conducted to identify the method of an attack and intruders in the case of system compromise. In Forensic Computing, trustworthy logs admissible for court are needed. Moreover, since the log contains various confidential information, the confidentiality of the log must be preserved. Our scheme achieves the integrity of logs and fine-grained access control for logs with small overhead size using the signature tree and Forward Integrity.

ACTM: Anomaly Connection Tree Method to detect Silent Worms

In this paper we propose a novel worm detection method that can detect silent worms in intranet. Most existing detection methods use aggressive activities of worms as a clue for detection and are ineffective against worms that propagate silently using a list of vulnerable hosts. To detect such worms, we propose anomaly connection tree method (ACTM). ACTM uses two features present to most worms. First is that the worms propagation behavior is expressed as tree-like structures. Second is that the worms selection of infection targets does not consider which hosts its infected host communicates too frequently. Then, by constructing trees that are composed of anomaly connections, ACTM detects the existence of such worms. Through the simulation results, we have shown that ACTM can detect the worms in an early stage

Authenticating Video Streams

In this paper, we propose SAVe, a real-time stream authentication scheme for video streams. Each packet in the stream is authenticated to correspond to packet loss seen in UDP-based streaming. Since temporal and spatial compression techniques are adopted for video stream encoding, there are differences in the importance and dependencies between frames. Therefore, to take the characteristics special to video into consideration, in SAVe the amount of redundancy distributed to each frame is adjusted according to the importance of each frame. Simulation results show that SAVe improves the playing rate 50% compared to previously proposed schemes

Efficient log authentication for forensic computing

In this paper, an efficient log authentication scheme for forensic computing is proposed. To conduct reliable forensic computing, it is required that the logs as digital evidences be verified. To verify them, digital signatures issued by authorities are needed. However, if many logging hosts connect to the server that issues the signatures, the traffic of the server will increase. Therefore, the authors proposed an efficient log authentication scheme for forensic computing. The scheme reduces the traffic of the sign server, which signs the logs of the logging hosts, by using distributed Merkle tree algorithm among the logging hosts. The schemes effectiveness was shown through evaluation experiments.

Stream authentication scheme for the use over the IP telephony

We propose a streaming authentication scheme for the use over the IP telephony. To clear the strict real-time transmission requirements of the IP telephony, the latency and interval between signatures are adjusted dynamically according to the transmission quality of the network. This provides efficient signing and continuous authentication during real-time streaming. We show our schemes advantages over previously proposed schemes by comparing delay on the sender and receiver side, and tolerance to packet loss.

Examination of Forwarding Obstruction Attacks in Structured Overlay Networks

In this paper, we focus on forwarding obstruction attacks in structured overlay networks, and evaluate the impacts of the attacks through computer simulations, and finally propose countermeasures. One countermeasure is duplicating the network, and we show the improvement in the successful search rate. Also by examining the network in biased forwarding situations, the existence of nodes handling most of the search queries is verified. Approximately 80% of all search queries reaches a Hub node by the third hop in the search route.

An image authentication scheme considering privacy - a first step towards surveillance camera authentication

In this paper, we propose an authentication scheme considering privacy aimed for JPEG images. A picture from a surveillance camera must be authenticated when submitted to a third party, such as a legal organization, courts and so on. On one hand, privacy of objects in the picture must be considered. Therefore, mosaic and masking must be performed to the picture if needed. Our scheme authenticate JPEG picture, where parts are processed by mosaic and masking. Our scheme uses Merkle tree and Sandhu tree and achieves small overhead size needed to authenticate the processed picture.